With
the basic authentication (BasicAuth)
authentication method, the request sender generates a BasicAuth security
token using a callback handler. The request receiver retrieves the
BasicAuth security token from the SOAP message and validates it using
a Java Authentication and Authorization Service
(JAAS) login module. Trust is established by using user name and password
validation.
About this task
Important: There
is an important distinction
between Version 5.x and Version 6.0.x and later applications.
The information in this article supports Version 5.x applications
only that are used with WebSphere® Application Server
Version 6.0.x and later. The information does not apply to
Version 6.0.x and later applications.
WebSphere Application
Server provides several different methods to secure your web services.
BasicAuth authentication is one of these methods. You might also secure
your web services using any of the following methods:
- XML digital
signature
- XML encryption
- BasicAuth authentication
- Identity assertion authentication
- Signature authentication
- Pluggable token
To use BasicAuth authentication
to secure web services,
complete the following tasks:
Procedure
- Secure
the client for BasicAuth authentication.
- Configure
the client for basic authentication: specifying the method
- Configure
the client for basic authentication: collecting the authentication
information
- Secure
the server for BasicAuth authentication.
- Configure
the server to handle basic authentication
- Configure
the server to validate basic authentication information
Results
After completing these
steps, you have secured your web services
using BasicAuth authentication.